Submitted
by
another random user
on Wednesday November 14, 2012 @06:46AM

another random user writes: Skype vulnerability allowing hijacking of any account if you know just the email address.

All you need to do is register a new account using that email address, and even though that address is already used (and the registration process does tell you this) you can still complete the new account process and then sign in using that account.

Apologies in advance for the following reddit link, but it may be easier for some to read than the original Russian page.

Skype shared the following statement with The Next Web:
“We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority”